CVE-2026-31255 | Tenda AC18 15.03.05.05_multi /goform/SetSambaCfg guestuser command injection

A vulnerability labeled as critical has been found in Tenda AC18 15.03.05.05_multi. Affected by this issue is some unknown functionality of the file /goform/SetSambaCfg. Executing a manipulation of the argument guestuser can lead to command injection.

This vulnerability is handled as CVE-2026-31255. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More